MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 592fc4a290af11107f8eb49aa3a3752d8a7822971f3af3861a31512f48de0b0a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Mirai

Vendor detections: 9

Intelligence 9 IOCs YARA File information Comments

SHA256 hash:	592fc4a290af11107f8eb49aa3a3752d8a7822971f3af3861a31512f48de0b0a
SHA3-384 hash:	fa1b198b627b84bb8a4d84d817dde8f2e7814dcfdf17a650362d33bf0ee4606d70ad64a513ee520ed545ae51005b00ef
SHA1 hash:	0f4c6b73151ff2f2d45699c8d4f52dca6300d20d
MD5 hash:	ba46f4c0d99bb6af2c876936ab3b133b
humanhash:	cup-may-blossom-seven
File name:	systemx64.arm6
Download:	download sample
Signature	Mirai Create hunting rule
File size:	119'279 bytes
First seen:	2026-02-05 18:26:32 UTC
Last seen:	Never
File type:	elf
MIME type:	application/x-executable
ssdeep	1536:/DnzCQTHuQ+NTwFUYl4g/9LyRb8MEWVTEoa3pCJG7c5TG2ekETvGVGNypfK8DxDo:ShQVnQ899wekEChf1DAtKVklaHz97VW
TLSH	T1BAC32A85BC828A2289D413BFF92D01CE331727A9D2DF7212DD111F2577CAA6B0DB7652
TrID	50.1% (.) ELF Executable and Linkable format (Linux) (4022/12) 49.8% (.O) ELF Executable and Linkable format (generic) (4000/1)
Magika	elf
Reporter	abuse_ch
Tags:	elf mirai

Intelligence

File Origin

# of uploads :

# of downloads :

Origin country :

Vendor Threat Intelligence

Malware configuration found for:

Mirai

Details

Link:

https://research.acce.ciphertechsolutions.com/results/39807423-e088-4c1b-803d-70042a985ede/

Verdict:

Unknown

Threat level:

0/10

Confidence:

100%

Tags:

masquerade rust

Link:

https://www.filescan.io/uploads/6984e0fd2ffccda09768f769/reports/878910c4-11c0-4d56-85b9-87c5090bddb1/overview

Verdict:

Malicious

Uses P2P?:

false

Uses anti-vm?:

false

Architecture:

arm

Packer:

not packed

Botnet:

unknown

Number of open files:

Number of processes launched:

Processes remaning?

false

Remote TCP ports scanned:

not identified

Full report:

https://elfdigest.com/brief/592fc4a290af11107f8eb49aa3a3752d8a7822971f3af3861a31512f48de0b0a

Behaviour

no suspicious findings

Botnet C2s

TCP botnet C2(s):

not identified

UDP botnet C2(s):

not identified

Result

Gathering data

Verdict:

Unknown

File Type:

Link:

https://opentip.kaspersky.com/592fc4a290af11107f8eb49aa3a3752d8a7822971f3af3861a31512f48de0b0a/results?tab=lookup

Status:

Failed

Link:

https://sandbox.kunai.rocks/analysis/50edeb41-fe23-4eac-bdcc-cb0b48229cc7

Verdict:

Unknown

Link:

https://analyze.intezer.com/analyses/36b1b759-9338-4b5a-8cb9-a434eb38bc1a

Result

Threat name:

n/a

Detection:

malicious

Classification:

n/a

Score:

48 / 100

Link:

https://www.joesandbox.com/analysis/1864255

Signature

Multi AV Scanner detection for submitted file

Behaviour

Behavior Graph:

Download SVG

Score:

100%

Verdict:

Malware

File Type:

ELF

Link:

https://malprob.io/report/592fc4a290af11107f8eb49aa3a3752d8a7822971f3af3861a31512f48de0b0a

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/592fc4a290af11107f8eb49aa3a3752d8a7822971f3af3861a31512f48de0b0a/

Verdict:

Malicious

Threat:

Family.MIRAI

Link:

https://tip.neiki.dev/file/592fc4a290af11107f8eb49aa3a3752d8a7822971f3af3861a31512f48de0b0a

Threat name:

Linux.Backdoor.Mirai

Status:

Malicious

First seen:

2026-02-05 18:27:12 UTC

File Type:

ELF32 Little (Exe)

AV detection:

12 of 36 (33.33%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=lex4jiuqv4ira74owsnkhi3vfwfhqiuxd45phbq2gfis6sg6bmfa._file

Result

Malware family:

mirai

Score:

10/10

Tags:

family:mirai

Link:

https://tria.ge/reports/260205-w3tehsfx3e/

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/592fc4a290af11107f8eb49aa3a3752d8a7822971f3af3861a31512f48de0b0a

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

elf 592fc4a290af11107f8eb49aa3a3752d8a7822971f3af3861a31512f48de0b0a

(this sample)

URLhaus

https://urlhaus.abuse.ch/url/3758148/

Delivery method

Distributed via web download

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample